02-29-2020 04:29 PM
I see "vendor ID seems Unity/DPD but major 69 mismatch" in a working debug between 2 routers for IPSEC. Not able to find info for what this means. Any help?
Solved! Go to Solution.
02-29-2020 05:01 PM
isakmp up and running. i mean phase 1 up? and so the phase2? the way you said it seems all working fine but in your debug you see vendor ID seems Unity/DPD but major 69 mismatch.
Dead peer detection (kind of keep alive, you there or call it a kind of control plan) is going on. however major 69 mismatch this information is optional according to IEEE this is not a mandatory unless some one prove me i am wrong this is my understand of reading the IEEE isakmp. each vendor put different attribute in isakmp heard for example cisco/juniper etc.
03-01-2020 08:19 AM
Hi,
That message is purely informational, in general. Each vendor attaches its own proprietary info in the ISAKMP packet, and that message usually means the remote side is another vendor , which means the proprietary info is kinda ignored. The IPsec tunnel should still come up.
Regards,
Cristian Matei.
03-01-2020 11:17 PM
These above messages are for specific to vendor not binding with IEEE. Therefore they can be easily ignore.
howerver in is is isakmp/ikev1 you only need to focus on the 4 stages here the link https://www.tunnelsup.com/isakmp-ike-phase-1-status-messages/
02-29-2020 05:01 PM
isakmp up and running. i mean phase 1 up? and so the phase2? the way you said it seems all working fine but in your debug you see vendor ID seems Unity/DPD but major 69 mismatch.
Dead peer detection (kind of keep alive, you there or call it a kind of control plan) is going on. however major 69 mismatch this information is optional according to IEEE this is not a mandatory unless some one prove me i am wrong this is my understand of reading the IEEE isakmp. each vendor put different attribute in isakmp heard for example cisco/juniper etc.
03-01-2020 08:19 AM
Hi,
That message is purely informational, in general. Each vendor attaches its own proprietary info in the ISAKMP packet, and that message usually means the remote side is another vendor , which means the proprietary info is kinda ignored. The IPsec tunnel should still come up.
Regards,
Cristian Matei.
03-01-2020 07:18 PM
03-01-2020 11:17 PM
These above messages are for specific to vendor not binding with IEEE. Therefore they can be easily ignore.
howerver in is is isakmp/ikev1 you only need to focus on the 4 stages here the link https://www.tunnelsup.com/isakmp-ike-phase-1-status-messages/
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide